Centrify updates their Privileged Identity Management Solution

Centrify have announced several changes to their privileged identity management (PIM) solution. The new capabilities allow organisations to move to a just-in-time model of advanced monitoring to detect and alert in real-time. Centrify have sent us the following explaining the changes:

A recent Forrester study examined four levels of Identity Access Management (IAM) maturity. It found a direct correlation between the number of PIM best practices an organisation has implemented and the number of security incidents it encounters. Centrify’s new PIM capabilities enable these best practices, adding to Centrify’s already comprehensive set of integrated services that help organisations increase their IAM maturity level and security posture.

Establish Identity Assurance. Centrify ensures accountability by having users log in as themselves and attributing all activity to the individual. Its advanced host-based auditing capabilities now include process-level monitoring in addition to existing shell-based monitoring to attribute all activity to the individual instead of a shared account or alias. This new advanced monitoring adds a layer of security that is virtually impossible to spoof.

Limit Lateral Movement. Centrify enables organisations to reduce the attack surface by governing privileged access and ensuring users’ privileges only apply on the approved server. Now you can require access approvals for role assignment and make them short-lived. Centrify’s proven host-based privilege management ensures that the user’s approved privileges apply only to the target system, and cannot be used across the network on other computers. And if credentials are compromised, hackers and malware will not have the privileges that would allow them to wreak havoc within your network.

Institute Least Privilege. Centrify now uniquely governs access to both privileged accounts and privilege elevation via roles enabling organisations to implement true cross-platform least privilege access. Centrify lowers the risk of a security breach by granting just-in-time privilege and just-enough-privilege through temporary and time-bound access that leverages request and approval workflows. Audit trails and compliance reporting capabilities now include who has access, who approved that access and how that access was used across privileged accounts and privileged roles.

Monitor Privileged Use. Centrify now monitors for the creation of backdoors whose existence make privileged access to infrastructure convenient instead of secure. Centrify’s advanced monitoring capabilities detect the growing threatscape and alert in real time through SIEM integration on rogue creation of SSH keys that enable privileged access that bypasses the password vault.

According to the Forrester study, organisations that reach the highest levels on the maturity scale are 50 per cent less likely to have a breach. In addition, these organisations save 40 per cent in security costs over their less mature counterparts, and spend $5 million less in breach costs.